package demo3.boot.controller;

import demo3.boot.pojo.People;
import io.swagger.annotations.*;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;

@Controller
public class MyController {

    @ApiOperation(value = "主页的接口",notes = "提示信息")
    @RequestMapping({"/","/index.html"})
    public String index(@ApiParam("model储存返回视图参数描述") Model model){
        model.addAttribute("msg","欢迎您");
        return "index";
    }


    @RequestMapping("/toLogin")
    public String toLogin(){
        return "login";
    }

    @RequestMapping("/login")
    public  String login(String username, String password, Model model, HttpSession session){
//        获取当前用户
        Subject subject = SecurityUtils.getSubject();
//        封装用户的登陆数据
        UsernamePasswordToken token = new UsernamePasswordToken(username,password);
        try{
//        拿着令牌登录
            subject.login(token);
            session.setAttribute("loginUser",username);
            return "index";
        }catch (UnknownAccountException e){
            model.addAttribute("msg","用户名错误");
            return "login";
        }catch(IncorrectCredentialsException e){
            model.addAttribute("msg","密码错误");
            return "login";
        }catch (NullPointerException e){
            model.addAttribute("msg","用户名或密码错误");
            return "login";
        }

    }

    //    登出 这个方没用到，用的是shiro默认的logout 两种方法
    @RequestMapping("/logout")
    public String logout(HttpSession session,Model model){
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        model.addAttribute("msg","安全退出！");
        return "index";
    }

    @RequestMapping("/noauth")
    @ResponseBody
    public  String unauthorized(){
        return "未经授权不能访问此页面";
    }

    @RequestMapping("/add")
    public String add(Model model){
        return "redirect:/user/add";
    }
    @RequestMapping("/user/add")
    public String add2(Model model){
        return "/user/add";
    }

    @RequestMapping("/update")
    public String update(Model model){
        return "redirect:/user/update";
    }

    @RequestMapping("/user/update")
    public String update2(Model model){
        return "/user/update";
    }

    @ResponseBody
    @RequestMapping("/getPeople")
//    如果希望在方法上配置多个参数时，用在方法上，表示单独的请求参数，总体功能 和@ApiParam 类似--》name：属性名，value：描述，required：是否是必须的，paramType：属性类型，dataType：数据类型
    @ApiImplicitParams(value={
            @ApiImplicitParam(name="id",value = "编号",required = true,paramType = "query",dataType = "string"),
            @ApiImplicitParam(name="name",value = "姓名",required = true,paramType = "query",dataType = "string")
    })
     public People getPeople(Long id, String name) {
        People people = new People();
        people.setId(id);
        people.setName(name);
        people.setAddress("南宁");
        return people;
    }

}

